{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/hiper-1200gw/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-10292"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["HiPER 1200GW"],"_cs_severities":["high"],"_cs_tags":["cve","buffer overflow","remote code execution","web application"],"_cs_type":"advisory","_cs_vendors":["UTT"],"content_html":"\u003cp\u003eA stack-based buffer overflow vulnerability, CVE-2026-10292, has been identified in UTT HiPER 1200GW devices up to version 2.5.3-170306. The vulnerability resides within the \u003ccode\u003estrcpy\u003c/code\u003e function in the \u003ccode\u003e/goform/formTaskEdit\u003c/code\u003e file. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected device remotely. Public exploits are available, increasing the risk of exploitation. This vulnerability poses a significant threat to organizations using affected UTT HiPER 1200GW devices, potentially leading to device compromise and network disruption. Defenders should prioritize patching or mitigating this vulnerability to prevent potential attacks.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable UTT HiPER 1200GW device running a version up to 2.5.3-170306.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/goform/formTaskEdit\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe request contains an overly long string for one of the parameters, specifically designed to overflow the buffer when processed by the \u003ccode\u003estrcpy\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003estrcpy\u003c/code\u003e function attempts to copy the oversized string into a fixed-size buffer on the stack, leading to a buffer overflow.\u003c/li\u003e\n\u003cli\u003eThe buffer overflow overwrites adjacent memory locations on the stack, including the return address.\u003c/li\u003e\n\u003cli\u003eThe attacker manipulates the overwritten return address to point to malicious code or a ROP chain.\u003c/li\u003e\n\u003cli\u003eThe device attempts to return from the \u003ccode\u003eformTaskEdit\u003c/code\u003e function, but instead executes the attacker-controlled code.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control of the device and can execute arbitrary commands.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-10292 allows a remote attacker to execute arbitrary code on the affected UTT HiPER 1200GW device. This can lead to complete system compromise, including data theft, device hijacking, and denial of service. Given that the exploit is public, the likelihood of exploitation is elevated. Organizations using the affected device are at high risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply available patches or updates provided by UTT to remediate CVE-2026-10292 on UTT HiPER 1200GW devices up to version 2.5.3-170306.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious POST requests to \u003ccode\u003e/goform/formTaskEdit\u003c/code\u003e containing unusually long parameters, as described in the attack chain, and use the \u0026quot;Detect Suspicious Long POST Request to FormTaskEdit\u0026quot; Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit the impact of a potential device compromise.\u003c/li\u003e\n\u003cli\u003eConsider using a Web Application Firewall (WAF) to filter out malicious requests targeting the vulnerable endpoint.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-06-01T22:21:54Z","date_published":"2026-06-01T22:21:54Z","id":"https://feed.craftedsignal.io/briefs/2026-06-cve-2026-10292/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-10292) exists in the strcpy function of /goform/formTaskEdit in UTT HiPER 1200GW up to version 2.5.3-170306, allowing for remote code execution.","title":"UTT HiPER 1200GW Stack-Based Buffer Overflow Vulnerability (CVE-2026-10292)","url":"https://feed.craftedsignal.io/briefs/2026-06-cve-2026-10292/"}],"language":"en","title":"CraftedSignal Threat Feed - HiPER 1200GW","version":"https://jsonfeed.org/version/1.1"}